$ rpki-client -vvf rpki.apnic.net/member_repository/A91E9467/770B4F1A526F11ECBC50EB17C4F9AE02/9D9B2E7A6D3211F0A68A8A58C4F9AE02.roa File: 9D9B2E7A6D3211F0A68A8A58C4F9AE02.roa (raw, json) Hash identifier: G3/ZDRJTXMIcm/pnMB8DRuSHofWeo4wqJ4BCA1kfjGo= Subject key identifier: C1:94:0D:55:DC:05:78:53:49:E0:B4:D1:B8:97:34:E0:3E:E1:E9:4D Certificate issuer: /CN=A91E9467/serialNumber=52BE9DDE9568FE4ADCA0F345B3617A63C3075845 Certificate serial: 0541 Authority key identifier: 52:BE:9D:DE:95:68:FE:4A:DC:A0:F3:45:B3:61:7A:63:C3:07:58:45 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ur6d3pVo_krcoPNFs2F6Y8MHWEU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E9467/770B4F1A526F11ECBC50EB17C4F9AE02/9D9B2E7A6D3211F0A68A8A58C4F9AE02.roa Signing time: Sat 28 Feb 2026 10:04:36 +0000 ROA not before: Sat 28 Feb 2026 10:04:36 +0000 ROA not after: Thu 30 Jul 2026 00:00:00 +0000 asID: 136308 IP address blocks: 103.150.152.0/23 maxlen: 23 103.150.152.0/24 maxlen: 24 103.150.153.0/24 maxlen: 24 202.12.80.0/22 maxlen: 22 202.12.80.0/23 maxlen: 23 202.12.80.0/24 maxlen: 24 202.12.81.0/24 maxlen: 24 202.12.82.0/23 maxlen: 23 202.12.82.0/24 maxlen: 24 202.12.83.0/24 maxlen: 24 2405:3e40::/32 maxlen: 32 2405:3e40:1::/48 maxlen: 48 Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E9467/770B4F1A526F11ECBC50EB17C4F9AE02/Ur6d3pVo_krcoPNFs2F6Y8MHWEU.crl rsync://rpki.apnic.net/member_repository/A91E9467/770B4F1A526F11ECBC50EB17C4F9AE02/Ur6d3pVo_krcoPNFs2F6Y8MHWEU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ur6d3pVo_krcoPNFs2F6Y8MHWEU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 08 Mar 2026 00:23:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1345 (0x541) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E9467, serialNumber=52BE9DDE9568FE4ADCA0F345B3617A63C3075845 Validity Not Before: Feb 28 10:04:36 2026 GMT Not After : Jul 30 00:00:00 2026 GMT Subject: CN=69a2bdb4-11c4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:91:ce:7d:3f:1e:af:f7:cb:5a:74:47:90:d8:df: fe:39:cd:1e:c4:56:97:ff:05:fb:4f:23:5e:4d:78: 9b:10:50:3d:30:71:7e:fa:29:fd:ed:37:0e:28:1e: 0f:6a:dc:53:ff:6e:1d:1d:7a:d9:ed:38:da:b6:c3: 47:e9:96:57:bd:b2:a1:a2:ce:30:e3:63:b0:03:83: b0:48:f0:87:6e:f8:75:3d:63:0b:86:98:c6:bc:95: ee:38:d9:eb:df:18:f1:05:dc:1f:06:58:25:36:e0: 73:2a:e4:88:6f:ee:00:8d:9a:ed:c8:5a:01:ef:db: e6:73:5f:16:4e:64:d1:a4:af:6f:98:d5:2c:62:16: 6b:de:97:68:78:ab:7b:a5:c4:67:45:9a:9f:77:bd: 9e:95:40:2c:2e:df:91:18:18:01:1d:26:ac:59:40: fb:6c:77:c5:41:00:f3:d6:30:df:92:86:84:bb:0e: a8:9a:aa:c4:0e:68:a3:5e:d0:eb:0b:17:05:7b:32: 31:7c:20:d3:a7:0c:3d:88:c8:c2:c5:a3:1c:04:86: 0d:9b:fe:63:cf:fe:94:a3:41:57:cc:fc:96:dd:ad: 00:25:d8:40:96:69:8c:5a:18:30:5b:fc:da:6b:98: c0:95:81:57:65:97:85:52:4f:e5:cd:6c:54:f9:74: 0b:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:94:0D:55:DC:05:78:53:49:E0:B4:D1:B8:97:34:E0:3E:E1:E9:4D X509v3 Authority Key Identifier: keyid:52:BE:9D:DE:95:68:FE:4A:DC:A0:F3:45:B3:61:7A:63:C3:07:58:45 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E9467/770B4F1A526F11ECBC50EB17C4F9AE02/Ur6d3pVo_krcoPNFs2F6Y8MHWEU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ur6d3pVo_krcoPNFs2F6Y8MHWEU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E9467/770B4F1A526F11ECBC50EB17C4F9AE02/9D9B2E7A6D3211F0A68A8A58C4F9AE02.roa sbgp-ipAddrBlock: critical IPv4: 103.150.152.0/23 202.12.80.0/22 IPv6: 2405:3e40::/32 Signature Algorithm: sha256WithRSAEncryption a1:fc:bb:4a:d2:dd:16:b5:76:1c:c9:46:ca:7a:19:ab:53:dd: db:46:e4:2b:62:64:4e:4d:a2:43:7c:b1:7b:71:62:66:1f:a2: 95:20:ec:3c:ad:4e:c3:15:38:ed:ae:2d:52:08:6f:f5:dc:f0: 9a:da:94:3e:b5:2e:8c:53:f0:d6:60:6b:06:03:7d:bb:2a:94: f5:4a:15:7d:9d:08:1b:7a:94:b9:8c:14:72:0a:55:be:32:c8: 84:4c:88:3e:ed:c3:4c:06:21:50:03:2d:59:97:e5:72:14:e2: dd:12:b7:c2:37:a0:f1:94:e7:ec:d4:42:20:c9:49:0d:54:17: 14:26:4e:7b:bd:f7:d6:8c:ec:de:d4:d7:6e:72:46:96:c1:a0: 8e:33:b1:6f:2a:09:0f:1f:99:42:b4:34:ed:4c:1d:b7:38:48: 0c:c7:c1:a5:75:81:8f:4e:48:b6:d6:9f:18:97:b1:8e:54:b3: 45:f0:1a:59:3a:de:ea:f9:a7:cb:82:a9:e7:24:d1:c1:44:c7: 69:11:a7:42:db:d3:80:91:0e:06:33:a3:ab:58:3f:76:50:2b: 8e:8d:4e:7c:05:78:14:04:8a:2b:be:5d:45:7b:31:8a:17:1c: 85:61:18:3b:d1:b0:f3:05:41:06:c4:19:a9:b3:55:3d:42:14: 40:db:4d:a4 -----BEGIN CERTIFICATE----- MIIFUTCCBDmgAwIBAgICBUEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTk0NjcxMTAvBgNVBAUTKDUyQkU5RERFOTU2OEZFNEFEQ0EwRjM0NUIzNjE3QTYz QzMwNzU4NDUwHhcNMjYwMjI4MTAwNDM2WhcNMjYwNzMwMDAwMDAwWjAYMRYwFAYD VQQDDA02OWEyYmRiNC0xMWM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAkc59Px6v98tadEeQ2N/+Oc0exFaX/wX7TyNeTXibEFA9MHF++in97TcOKB4P atxT/24dHXrZ7TjatsNH6ZZXvbKhos4w42OwA4OwSPCHbvh1PWMLhpjGvJXuONnr 3xjxBdwfBlglNuBzKuSIb+4AjZrtyFoB79vmc18WTmTRpK9vmNUsYhZr3pdoeKt7 pcRnRZqfd72elUAsLt+RGBgBHSasWUD7bHfFQQDz1jDfkoaEuw6omqrEDmijXtDr CxcFezIxfCDTpww9iMjCxaMcBIYNm/5jz/6Uo0FXzPyW3a0AJdhAlmmMWhgwW/za a5jAlYFXZZeFUk/lzWxU+XQLRwIDAQABo4ICdTCCAnEwHQYDVR0OBBYEFMGUDVXc BXhTSeC00biXNOA+4elNMB8GA1UdIwQYMBaAFFK+nd6VaP5K3KDzRbNhemPDB1hF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOTQ2Ny83NzBCNEYxQTUy NkYxMUVDQkM1MEVCMTdDNEY5QUUwMi9VcjZkM3BWb19rcmNvUE5GczJGNlk4TUhX RVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1VyNmQzcFZvX2tyY29QTkZzMkY2WThNSFdFVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIGWBggrBgEFBQcBCwSBiTCBhjCBgwYIKwYBBQUH MAuGd3JzeW5jOi8vcnBraS5hcG5pYy5uZXQvbWVtYmVyX3JlcG9zaXRvcnkvQTkx RTk0NjcvNzcwQjRGMUE1MjZGMTFFQ0JDNTBFQjE3QzRGOUFFMDIvOUQ5QjJFN0E2 RDMyMTFGMEE2OEE4QTU4QzRGOUFFMDIucm9hMDQGCCsGAQUFBwEHAQH/BCUwIzAS BAIAATAMAwQBZ5aYAwQCygxQMA0EAgACMAcDBQAkBT5AMA0GCSqGSIb3DQEBCwUA A4IBAQCh/LtK0t0WtXYcyUbKehmrU93bRuQrYmROTaJDfLF7cWJmH6KVIOw8rU7D FTjtri1SCG/13PCa2pQ+tS6MU/DWYGsGA327KpT1ShV9nQgbepS5jBRyClW+MsiE TIg+7cNMBiFQAy1Zl+VyFOLdErfCN6DxlOfs1EIgyUkNVBcUJk57vffWjOze1Ndu ckaWwaCOM7FvKgkPH5lCtDTtTB23OEgMx8GldYGPTki21p8Yl7GOVLNF8BpZOt7q +afLgqnnJNHBRMdpEadC29OAkQ4GM6OrWD92UCuOjU58BXgUBIorvl1FezGKFxyF YRg70bDzBUEGxBmps1U9QhRA202k -----END CERTIFICATE-----Generated at Mon Mar 2 04:02:56 2026 by rpki-client